changeset 1687:93753d2303cd

Show the self-signed cert warning dialog even when no CN given. I'm still not getting the page afterward -- wrote the request, read zero bytes -- but oh well.
author corvid <corvid@lavabit.com>
date Tue, 03 Aug 2010 16:42:54 +0000
parents 523350565889
children d13576c96a71
files dpi/https.c
diffstat 1 files changed, 11 insertions(+), 11 deletions(-) [+]
line wrap: on
line diff
--- a/dpi/https.c	Tue Aug 03 16:17:39 2010 +0000
+++ b/dpi/https.c	Tue Aug 03 16:42:54 2010 +0000
@@ -416,7 +416,7 @@
    int response_number;
    int ret = -1;
    long st;
-   char *cn, *cn_end;
+   char *cn;
    char buf[4096], *d_cmd, *msg;
 
    X509 * remote_cert;
@@ -452,19 +452,19 @@
       case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
          /*Either self signed and untrusted*/
          /*Extract CN from certificate name information*/
-         if ((cn = strstr(remote_cert->name, "/CN=")) == NULL)
-            break;
-
-         cn += 4;
+         if ((cn = strstr(remote_cert->name, "/CN=")) == NULL) {
+            strcpy(buf, "(no CN given)");
+         } else {
+            char *cn_end;
 
-         if ((cn_end = strstr(cn, "/")) == NULL )
-            cn_end = cn + strlen(cn);
+            cn += 4;
 
-         strncpy(buf, cn, (size_t) (cn_end - cn));
+            if ((cn_end = strstr(cn, "/")) == NULL )
+               cn_end = cn + strlen(cn);
 
-         /*Add terminating NULL*/
-         buf[cn_end - cn] = 0;
-
+            strncpy(buf, cn, (size_t) (cn_end - cn));
+            buf[cn_end - cn] = '\0';
+         }
          msg = dStrconcat("The remote certificate is self-signed and "
                           "untrusted.\nFor address: ", buf, NULL);
          d_cmd = a_Dpip_build_cmd(